
Secret Manager Script


cat demo.sh
#!/usr/bin/env bash

# variables

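#######################################
# Report an error through error() when a command's exit status is non-zero.
# Arguments:
#   $1 - exit status to inspect
#   $2 - line number to report
#   $3 - message to log
# Outputs:
#   Whatever error() writes, and only when $1 is non-zero.
#######################################
function handle_error() {
  # Locals keep these names from leaking into, or clobbering, the caller's scope.
  local exit_status=$1
  local line_no=$2
  local error_message=$3

  if [[ $exit_status -ne 0 ]]; then
    # Quoted so a value containing whitespace reaches error() as one argument.
    error "$line_no" "$error_message"
  fi
}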

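#######################################
# Print an [ERROR] line and append it to the log file when one is configured.
# Globals:
#   module (read) - prefix for the log line; may be unset
#   LOG    (read) - path of the log file; may be unset
# Arguments:
#   $1 - line number to report
#   $2 - message text
# Outputs:
#   The formatted line on stdout, and appended to $LOG when LOG is non-empty.
#######################################
function error() {
  local lineno=$1
  local message=$2
  local entry="${module:-}:${lineno} [ERROR] ${message}"

  # The message is written verbatim, so callers must never pass secret values
  # (keys, tokens) in it. %b expands backslash escapes the way `echo -e` does;
  # a message built from untrusted text can therefore add extra log lines.
  if [[ -n "${LOG:-}" ]]; then
    # Quoted path: a log file name with spaces stays a single file.
    printf '%b\n' "$entry" | tee -a -- "$LOG"
  else
    # No log file configured: print only.
    printf '%b\n' "$entry"
  fi
}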

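#######################################
# Fetch the demo secret from AWS Secrets Manager from inside an EC2 instance.
# Reads region and instance id from the instance metadata service (IMDSv2),
# looks up the instance's Owner tag, then reads the secret with the AWS CLI.
# Globals:
#   DEMO_KEY_NAME (written) - secret id to read
#   TOKEN         (written, exported) - IMDSv2 session token
#   region, instance_id, Owner (written)
#   demo_key      (written) - the secret value, for use by the caller
# Outputs:
#   Progress lines on stdout. The secret value itself is never printed.
# Returns:
#   0 when the secret was retrieved, 1 otherwise.
#######################################
function get_secret_secretsmanager_cli() {
  # Link-local EC2 metadata endpoint. The session token is a credential for
  # the metadata service, so these requests must go to this address only and
  # never through a proxy or rewritten URL.
  local -r imds="http://169.254.169.254"
  local raw_secret
  local aws_status=0

  DEMO_KEY_NAME="passkey"

  # IMDSv2: request a short-lived session token first (TTL 300 seconds).
  # Assignment is kept apart from `export` so a curl failure is not masked.
  TOKEN=$(curl -sSf -X PUT \
    -H "X-aws-ec2-metadata-token-ttl-seconds: 300" \
    "${imds}/latest/api/token")
  # NOTE(review): nothing visible in this script needs TOKEN in the environment
  # of child processes; it stays exported only to keep existing behavior.
  export TOKEN
  if [[ -z "$TOKEN" ]]; then
    handle_error 1 "$LINENO" "Failed to get session token from ec2 metadata"
    return 1
  fi

  # Get region from ec2 metadata
  region=$(curl -sSf -H "X-aws-ec2-metadata-token: $TOKEN" \
    "${imds}/latest/meta-data/placement/region")
  printf 'Region %s\n' "$region"

  # Get instance id from ec2 metadata
  instance_id=$(curl -sSf -H "X-aws-ec2-metadata-token: $TOKEN" \
    "${imds}/latest/meta-data/instance-id")
  printf 'Instance id %s\n' "$instance_id"

  if [[ -z "$region" || -z "$instance_id" ]]; then
    handle_error 1 "$LINENO" "Failed to read region or instance id from ec2 metadata"
    return 1
  fi

  # Get stage like Preprod/prod or QA/Dev or Owner name etc.
  # The filter name is `resource-id`; the JMESPath literal 'Owner' needs its
  # own quotes inside a double-quoted shell string to be compared as a string.
  Owner=$(aws ec2 describe-tags --region "$region" \
    --filters "Name=resource-id,Values=$instance_id" \
    --query "Tags[?Key=='Owner'].Value" --output text)
  printf 'EC2 tag value of owner :%s\n' "$Owner"

  # Get secret key. The CLI output is captured before parsing so that the
  # exit status of `aws` is not hidden behind the cut/tr pipeline.
  raw_secret=$(aws secretsmanager get-secret-value --secret-id "$DEMO_KEY_NAME" \
    --region "$region" --query SecretString --output text) || aws_status=$?

  # NOTE(review): this parsing assumes a single-key JSON SecretString whose
  # value contains no ':', '"' or '}'; a JSON parser would be sturdier.
  demo_key=$(printf '%s' "$raw_secret" | cut -d: -f2 | tr -d '"}')

  if [[ -z "$demo_key" ]]; then
    echo "demo_key not found in aws secret manager"
    # Report a non-zero status even when the CLI succeeded but returned nothing;
    # passing $? taken after an echo would always be 0 and log nothing.
    if ((aws_status == 0)); then
      aws_status=1
    fi
    handle_error "$aws_status" "$LINENO" "Failed to find demo_key from secret manager"
    return 1
  fi

  # The value is left in demo_key for the caller and deliberately not echoed:
  # stdout commonly ends up in terminals, CI logs and log collectors.
  printf 'Key %s retrieved from secret manager (value not printed)\n' "$DEMO_KEY_NAME"
  return 0
}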

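# Start getting the secret from AWS Secrets Manager using the AWS CLI in this
# Bash script. (The comment must stay fully commented: a wrapped bare word on
# its own line would be executed as a command.)
get_secret_secretsmanager_cli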
